The recent Pectra upgrade on Ethereum's Sepolia testnet has led to a series of errors, exacerbated by an attacker exploiting a vulnerability.
Encountering Issues After Pectra Upgrade
The Pectra upgrade on the Sepolia testnet, carried out on March 5, caused errors on Ethereum nodes, as reported by developer Marius van der Wijden. The main issue was an incorrect event in the deposit contract, leading to the mining of empty blocks.
Attack Using Zero Token
Although a fix was rolled out, an attacker took advantage of a missed edge case by sending a 0-token transfer, again triggering the error. This transaction came from a newly funded account, highlighting a vulnerability in ERC-20 allowing zero token transfers.
Developers' Response and Future Measures
Developers implemented a temporary fix, updating network nodes to block the offending transactions. All nodes were updated by 2 PM on March 5, resolving the problem. The Pectra upgrade will be postponed until more tests are conducted.
The Sepolia testnet incident underscored the need for further checks and tests to prevent similar attacks in the future. Developers are working on solutions before releasing the Pectra upgrade.
